Disable FTP clear/plain text authentication

If you've read our previous article on how to pass PCI compliance scans, you might notice that you failed a PCI scan due to FTP clear/plain text authentication being used. In this article we'll discuss disabling FTP clear/plain text authentication.

By default when you establish an FTP connection to the server, your credentials are passed to the server as clear/plain text. What this can mean is that if someone was sniffing the network traffic from your computer to the server because you were on a open WiFi network for instance, they could potentially compromise your account. So requiring an encrypted connection instead of a clear/plain text one can help protect your account against this.

It's important to note that this change would require you having root access on your VPS or dedicated server, as this is an advanced setting and the default can't be changed on our shared servers.